<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
  <head>
    <meta name="Content-Type" content="text/html; charset=UTF-8" />
<title>Module: MasterMayI::ActiveRecordExtensions</title>
<link rel="stylesheet" href="../css/style.css" type="text/css" media="screen" charset="utf-8" />
<link rel="stylesheet" href="../css/common.css" type="text/css" media="screen" charset="utf-8" />

<script type="text/javascript" charset="utf-8">
  relpath = '..';
  if (relpath != '') relpath += '/';
</script>
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/app.js"></script>

  </head>
  <body>
    <div id="header">
      <div id="menu">
  
    <a href="../_index.html">Index (A)</a> &raquo; 
    <a href="../MasterMayI.html" title="MasterMayI">MasterMayI</a>
     &raquo; 
    <span class="title">ActiveRecordExtensions</span>
  
</div>

      <div id="search">
  <a id="class_list_link" href="#">Namespace List</a>
  <a id="method_list_link" href="#">Method List</a>
  <a id ="file_list_link" href="#">File List</a>
</div>

      <div class="clear"></div>
    </div>
    
    <iframe id="search_frame"></iframe>
    
    <div id="content"><h1>Module: MasterMayI::ActiveRecordExtensions 
  
  
</h1>

<dl class="box">
  
  
    
  
    
  
  
    <dt class="r1 last">Defined in:</dt>
    <dd class="r1 last">lib/master_may_i/active_record_extensions.rb</dd>
  
</dl>
<div class="clear"></div>

<h2>Overview</h2><div class="docstring">
  <div class="discussion">
    <p>
I add authorization query methods to every ActiveRecord model (through
ActiveRecord::Base). Each model is given the following methods:
</p>
<h3><tt><a href="ActiveRecordExtensions/ClassMethods.html" title="Class methods">Class methods</a></tt>:</h3>
<ul>
<li><tt>Model.creatable_by? user</tt>

</li>
<li><tt>Model.creatable?</tt>

</li>
</ul>
<h3><tt><a href="ActiveRecordExtensions/InstanceMethods.html" title="Instance methods">Instance methods</a></tt>:</h3>
<ul>
<li><tt>@model.readable_by? user</tt>

</li>
<li><tt>@model.readable?</tt>

</li>
<li><tt>@model.editable_by? user</tt>

</li>
<li><tt>@model.editable?</tt>

</li>
<li><tt>@model.destroyable_by? user</tt>

</li>
<li><tt>@model.destroyable?</tt>

</li>
</ul>
<h2>Usage</h2>
<p>
Use these methods throughout your application to determine who can do what.
</p>
<pre class="code">
  <span class='link_to_if identifier id'>link_to_if</span> <span class='@note ivar id'>@note</span><span class='dot token'>.</span><span class='editable? fid id'>editable?</span><span class='comma token'>,</span> <span class='string val'>&quot;edit note&quot;</span><span class='comma token'>,</span> <span class='edit_note_url identifier id'>edit_note_url</span>
</pre>
<h3>Customization</h3>
<p>
Each of the <tt>creatable_by?</tt>, <tt>readable_by?</tt>,
<tt>editable_by?</tt> and <tt>destroyable_by?</tt> methods return true by
default, and should be redefined by each model in turn.
</p>
<h3>Example</h3>
<pre class="code">
  <span class='class class kw'>class</span> <span class='Note constant id'>Note</span> <span class='lt op'>&lt;</span> <span class='ActiveRecord constant id'>ActiveRecord</span><span class='colon2 op'>::</span><span class='Base constant id'>Base</span>
    <span class='records_creating_user identifier id'>records_creating_user</span> <span class='symbol val'>:as</span> <span class='assign token'>=</span><span class='gt op'>&gt;</span> <span class='symbol val'>:owner</span>

    <span class='def def kw'>def</span> <span class='self self kw'>self</span><span class='dot token'>.</span><span class='creatable_by? fid id'>creatable_by?</span><span class='lparen token'>(</span><span class='user identifier id'>user</span><span class='rparen token'>)</span>
      <span class='user identifier id'>user</span>
    <span class='end end kw'>end</span>

    <span class='def def kw'>def</span> <span class='editable_by? fid id'>editable_by?</span><span class='lparen token'>(</span><span class='user identifier id'>user</span><span class='rparen token'>)</span>
      <span class='return return kw'>return</span> <span class='false false kw'>false</span> <span class='unless unless_mod kw'>unless</span> <span class='user identifier id'>user</span>
      <span class='user identifier id'>user</span><span class='dot token'>.</span><span class='administrator? fid id'>administrator?</span> <span class='or or kw'>or</span> <span class='created_by? fid id'>created_by?</span><span class='lparen token'>(</span><span class='user identifier id'>user</span><span class='rparen token'>)</span>
    <span class='end end kw'>end</span>
  <span class='end end kw'>end</span>

  <span class='@note ivar id'>@note</span> <span class='assign token'>=</span> <span class='Note constant id'>Note</span><span class='dot token'>.</span><span class='create identifier id'>create</span>               <span class='comment val'># Inside the controller</span>
  <span class='@note ivar id'>@note</span><span class='dot token'>.</span><span class='owner identifier id'>owner</span>                       <span class='assign token'>=</span><span class='gt op'>&gt;</span> <span class='User constant id'>User</span> <span class='record identifier id'>record</span> <span class='set identifier id'>set</span> <span class='via identifier id'>via</span> <span class='Authlogic constant id'>Authlogic</span> <span class='session identifier id'>session</span>
  <span class='@note ivar id'>@note</span><span class='dot token'>.</span><span class='editable_by? fid id'>editable_by?</span><span class='lparen token'>(</span><span class='@note ivar id'>@note</span><span class='dot token'>.</span><span class='owner identifier id'>owner</span><span class='rparen token'>)</span>   <span class='assign token'>=</span><span class='gt op'>&gt;</span> <span class='true true kw'>true</span>
  <span class='@note ivar id'>@note</span><span class='dot token'>.</span><span class='editable_by? fid id'>editable_by?</span><span class='lparen token'>(</span><span class='nil nil kw'>nil</span><span class='rparen token'>)</span>           <span class='assign token'>=</span><span class='gt op'>&gt;</span> <span class='false false kw'>false</span>
  <span class='@note ivar id'>@note</span><span class='dot token'>.</span><span class='editable_by? fid id'>editable_by?</span><span class='lparen token'>(</span><span class='other_user identifier id'>other_user</span><span class='rparen token'>)</span>    <span class='assign token'>=</span><span class='gt op'>&gt;</span> <span class='false false kw'>false</span>
  <span class='@note ivar id'>@note</span><span class='dot token'>.</span><span class='destroyable_by? fid id'>destroyable_by?</span><span class='lparen token'>(</span><span class='other_user identifier id'>other_user</span><span class='rparen token'>)</span> <span class='assign token'>=</span><span class='gt op'>&gt;</span> <span class='true true kw'>true</span> <span class='comment val'># ...since that's the default</span>
</pre>
<p>
Each of the <tt>creatable?</tt>, <tt>readable?</tt>, <tt>editable?</tt> and
<tt>destroyable?</tt> methods simply delegate to the <tt>xxx_by?</tt>
methods, passing in the currently logged in user. The currently logged in
user is returned by the
<tt><a href="ActiveRecordExtensions/ClassMethods.html#user_from_session-instance_method" title="<tt>user_from_session</tt>"><tt>user_from_session</tt></a></tt> method, which looks at the Authlogic
UserSession model.
</p>
<h3>Do not override the creatable?, readable?, editable? or destroyable? methods. Redefine the creatable_by?, readable_by?, editable_by? and destroyable_by? methods instead.</h3>


  </div>
</div>
<div class="tags">
  
</div><h2>Defined Under Namespace</h2>
<p class="children">
   
    
      <strong class="modules">Modules:</strong> <a href="ActiveRecordExtensions/ClassMethods.html" title="ClassMethods">ClassMethods</a>, <a href="ActiveRecordExtensions/InstanceMethods.html" title="InstanceMethods">InstanceMethods</a>
    
   
    
  
</p>





</div>
    
    <div id="footer">
  Generated on Wed Dec 23 03:17:30 2009 by 
  <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool">yard</a>
  0.4.0 (ruby-1.8.6).
</div>

  </body>
</html>